'use strict';

/**
 * Module dependencies
 */
var acl = require('acl');

// Using the memory backend
acl = new acl(new acl.memoryBackend());

/**
 * Invoke Stories Permissions
 */
exports.invokeRolesPolicies = function () {
  acl.allow([{
    roles: ['admin'],
    allows: [{
      resources: '/api/stories',
      permissions: '*'
    }, {
      resources: '/api/stories/:storyId',
      permissions: '*'
    }]
  }, {
    roles: ['user'],
    allows: [{
      resources: '/api/stories',
      permissions: '*'
    }, {
      resources: '/api/stories/:storyId',
      permissions: '*'
    }]
  }, {
    roles: ['guest'],
    allows: [{
      resources: '/api/stories',
      permissions: ['get']
    }, {
      resources: '/api/stories/:storyId',
      permissions: ['get']
    }]
  }]);
};

/**
 * Check If Stories Policy Allows
 */
exports.isAllowed = function (req, res, next) {
  var roles = (req.user) ? req.user.roles : ['guest'];

  // If an story is being processed and the current user created it then allow any manipulation
  if (req.story) {
    if (checkIsInStory(req.story, req.user)) {
      next();
    } else {
      return res.status(403).send({
        message: 'User is not '
      });
    }
  } else {

    // Check for user roles
    acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
      if (err) {
        // An authorization error occurred
        return res.status(500).send('Unexpected authorization error');
      } else {
        if (isAllowed) {
          // Access granted! Invoke next middleware
          return next();
        } else {
          return res.status(403).json({
            message: 'User is not authorized'
          });
        }
      }
    });
  }
};

function checkIsInStory(story, user) {
  if (story && user) {
    if (story.creator._id.toString() === user._id.toString()) return true;
    for (var i = 0; i < story.members.length; ++i) {
      if (story.members[i]._id.toString() === user._id.toString()) return true;
    }
  }
  return false;
}
